There is a new variant of the OpFake mobile malware
making the rounds, and this version comes bundled with a version of the
legitimate Opera Mini mobile browser. The malware targets Android
phones and steals money from victims by sending SMS messages without the
user's knowledge to premium-rate numbers and also collects data about
the device it infects.
Researchers at GFI Labs discovered the new
variant of OpFake in recent days, and found that, unlike older versions
of the malware that disguised itself as Opera Mini, this version
actually downloads a copy of the mobile browser. The attackers have set
up a fake Opera Mini Web site that encourages users to download the
browser. Clicking on the link on the site begins the installation
routine for the malware, downloading a package called "opera_mini_65.apk".